I wonder if anyone has any advice. We changed password policy to 20000 days a
few weeks ago.
Over the weekend, passwords expired and now we cannot login. All admin accounts
are essentially unusable.
Seems to be this issue: https://fedorahosted.org/freeipa/ticket/3312
Any ideas how to get the admin accounts working again? We can't even login to
reverse the password policy change.
When we attempt to use the commands we get:
ipa: ERROR: did not receive Kerberos credentials
Of course, we can't kinit. Fortunately, it's only a small network of machines,
so it's fairly humorous. We'd rather not have to rebuild though or recover
I presume we just need to somehow get into LDAP without authentication and
force change policy.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project